package com.easyj.admin.configuration;



import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;

import com.easyj.base.constant.Constants;
import com.easyj.base.security.SecurityConstant;
import com.easyj.base.security.filter.JCacheAuthenticationTokenSecurityConfig;
import com.easyj.base.security.filter.CaptchaCodeSecurityConfig;
import com.easyj.base.security.service.AuthenticationAccessDeniedHandler;
import com.easyj.base.security.service.DefaultAuthenticationEntryPoint;
import com.easyj.base.security.service.DefaultAuthenticationFailureHandler;
import com.easyj.base.security.service.DefaultAuthenticationSuccessHandler;






@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userService;
    @Autowired
    private DefaultAuthenticationSuccessHandler successHandler;
    
    @Autowired
    private DefaultAuthenticationFailureHandler failureHandler;
    
    @Autowired
    private AuthenticationAccessDeniedHandler accessDeniedHandler;
    
    @Autowired
    private JCacheAuthenticationTokenSecurityConfig jAuthenticationTokenSecurityConfig;
    
    @Autowired
    private CaptchaCodeSecurityConfig captchaCodeSecurityConfig;
    
    @Autowired
    private DefaultAuthenticationEntryPoint defaultAuthenticationEntryPoint;
   
    /**
        * 登录密码加密码方式
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userService).passwordEncoder(SecurityConstant.PasswordEncoder);
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        web.ignoring().antMatchers("/","/favicon.ico","/lodop/*.*","/*.pdf","/*.jpg" ,"/*.png" ,"/*.css","/index.html","/static/**",Constants.URSER_RESOURCE_PREFIX + "/**");
    }
   
   
    
    @Override
    protected void configure(HttpSecurity http) throws Exception {
       http
       .apply(jAuthenticationTokenSecurityConfig).and()
       .apply(captchaCodeSecurityConfig)// 添加关于验证码登录的配置
       .and().authorizeRequests().antMatchers("/auth/*").permitAll()
       .antMatchers("/avatar/**").permitAll()//
       .and().formLogin()
       .loginPage("/auth/toLogin")
       .loginProcessingUrl(SecurityConstant.Auth_LOGIN_URL)
       .successHandler(successHandler)
       .failureHandler(failureHandler)
       //.and().logout().
       .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
       .and().authorizeRequests().anyRequest().authenticated()  
       .and().exceptionHandling().authenticationEntryPoint(defaultAuthenticationEntryPoint).accessDeniedHandler(accessDeniedHandler)
       .and().csrf().disable();       // 关闭CSRF跨域
    }    
}